This chapter covers security in operations including physical and environmental security, equipment security, and monitoring activities. The core concepts in the operations security are covered with suitable illustrations.
A candidate appearing for the CISSP exam is expected to understand the foundational concepts and have the knowledge in the following key areas of the operations security domain:
- Implementing and managing physical security
- Physical security principles for sites and facilities
- Environmental security practices for sites and facilities
- Logging and monitoring activities
- Understanding and supporting investigations
- Securing the provision of resources
- Operations security
- Resource protection techniques
- Foundational concepts on incident management
- Preventative measures
- Patch and vulnerability management
- Change management principles
- Disaster recovery and business continuity exercises
Assets, such as data, are accessed and processed in operational areas through systems and applications. Similarly, access to facilities, such as data centers and operational areas, are facilitated through access control mechanisms. Hence, physical access to operational areas needs to have appropriate controls for strong authentication and authorization.
Observe the following illustration. Users need access to physical facilities such as operational areas. Such physical areas can be subdivided into perimeter and interior sections. Controlling access to operational areas, and the process of identifying and blocking unauthorized intrusions to the operational areas are primary security requirements in this domain. In the scenario of a physical intrusion, it is essential to identify breaches and implement control actions, including investigations:
In this module, you will learn about the following:
- Applying secure principles to the site and facility design
- Designing and implementing physical security
- Understanding logging and monitoring activities
- Understanding and supporting investigations
- An overview of investigation types
- An overview of security while the provision of resources
- Understanding operations security
- Employing resource protection techniques